Skip to content

fix(controller): default agent deployments to restricted Pod Security#2251

Open
reyshazni wants to merge 1 commit into
kagent-dev:mainfrom
reyshazni:fix-agent-pod-security-defaults
Open

fix(controller): default agent deployments to restricted Pod Security#2251
reyshazni wants to merge 1 commit into
kagent-dev:mainfrom
reyshazni:fix-agent-pod-security-defaults

Conversation

@reyshazni

Copy link
Copy Markdown

Problem

Agent Deployments created through the kagent UI or CLI produce pod templates with empty securityContext at both pod and container level. On clusters that enforce the Kubernetes restricted Pod Security Standard (the recommended default since Kubernetes 1.25), admission rejects these pods before they start. Agents never become ready.

The kagent control-plane pods are already compliant, which makes this inconsistency confusing for users.

Fixes #2244

Root Cause

buildContainerSecurityContext returns nil when the Agent CR has no SecurityContext and code-exec isolation is not needed. buildPodTemplate passes dep.PodSecurityContext directly, which is also nil by default. The result is a pod spec with no security context at either level.

Fix

When the user does not supply security context fields, the controller now injects restricted-PSS-compliant defaults:

Container level:

  • runAsNonRoot: true
  • allowPrivilegeEscalation: false
  • capabilities.drop: [ALL]
  • seccompProfile: RuntimeDefault

Pod level:

  • runAsNonRoot: true
  • seccompProfile: RuntimeDefault

User-supplied values always take precedence. The existing base != nil path in buildContainerSecurityContext and the nil check in defaultPodSecurityContext preserve any explicit user configuration unchanged.

The code-exec isolation path (skills with sandbox) is also unchanged: when needCodeExecIsolation is true, the controller still sets Privileged: true as before.

Testing

  • Updated TestSecurityContext_OnlyPodSecurityContext to verify that the container now receives restricted defaults instead of nil
  • Updated TestSecurityContext_OnlyContainerSecurityContext to verify that the pod now receives restricted defaults instead of nil
  • Added TestSecurityContext_NilSecurityContext_RestrictedDefaults covering the common case where no SecurityContext is set at all
  • All 6 security context tests pass
  • Existing tests for skills/sandbox (SkillsDefaultPrivilegedSandbox, SkillsPSSRestricted) continue to pass without modification

Signed-off-by: reyshazni <reyshazni@gmail.com>
@reyshazni
reyshazni requested a review from a team as a code owner July 15, 2026 08:22
Copilot AI review requested due to automatic review settings July 15, 2026 08:22
@github-actions github-actions Bot added the bug Something isn't working label Jul 15, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the agent manifest translation layer so that controller-generated Agent Deployments default to Kubernetes Pod Security Standards (PSS) restricted-compliant securityContext values when users do not explicitly provide them, preventing admission rejection on restricted-enforced clusters.

Changes:

  • Inject restricted-PSS defaults for container security context when none is provided (runAsNonRoot, seccomp RuntimeDefault, drop ALL capabilities, disallow privilege escalation).
  • Inject restricted-PSS defaults for pod security context when none is provided (runAsNonRoot, seccomp RuntimeDefault).
  • Update and extend unit tests to assert the new defaulting behavior for pod-only, container-only, and fully-nil security context cases.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
go/core/internal/controller/translator/agent/manifest_builder.go Adds restricted-PSS defaulting helpers and applies them when security contexts are omitted during pod template construction.
go/core/internal/controller/translator/agent/security_context_test.go Updates existing security-context tests and adds coverage for the fully-nil case to verify restricted defaults are applied.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines 553 to 557
Spec: corev1.PodSpec{
ServiceAccountName: *dep.ServiceAccountName,
ImagePullSecrets: dep.ImagePullSecrets,
SecurityContext: dep.PodSecurityContext,
SecurityContext: defaultPodSecurityContext(dep.PodSecurityContext),
InitContainers: runtimeInputs.initContainers,
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Default regular Agent Deployments to satisfy restricted Pod Security

2 participants